News and Events

Tag: ponemon

Many Australian businesses need to rethink their approach to security to prepare for their nation’s new mandatory data breach notification law which take effect this month. The Privacy Amendment (Notifiable Data Breaches) Act 2017 enacts the Notifiable Data Breaches (NDB) scheme in Australia from February 22 this year. The NDB scheme mandates that organizations suffering lost or breached data must notify affected customers as soon as they become aware of the breach and must also report the incident to the Privacy Commissioner. The legislation covers information such as personal details, credit reports, credit eligibility details, and tax file number (TFN) records…

‘Tis the season of holiday cookies, warm sweaters hot cocoa and… holiday shopping deals. According to Deloitte, retailers can expect to see holiday sales growth as much as 4.5 percent and could top $1 trillion between the months of November and January this year. It’s even looking better for online shopping. “E-commerce sales… are expected to increase 18 to 21 percent during the 2017 holiday season… Digital sales climbed 14.3 percent in 2016” It is certainly looking jolly for the retail industry all around, but with an increase in online shopping, does that mean an increase in cyber threats this…

Countless breaches of the past year demonstrate that C-suite executives and company directors must rethink their security. Earlier this year, Equifax saw its share price drop by 13 per cent within a day of revealing a data breach while last year Yahoo suffered a $350 million cut in its sale price to Verizon after reporting data breaches affecting one billion accounts — a number that was later increased to all three billion accounts with critical information stolen, including names, email addresses, telephone numbers, encrypted or unencrypted security questions and answers, dates of birth, and hashed passwords. The devastation of these incidents, alone,…

According to Lloyd’s of London, a massive global cyberattack could result in economic losses as high as $53 billion. Given that, it’s no surprise that an increasing number of businesses are adding cybersecurity coverage to their liability insurance. But as businesses rush to insure, what exactly these policies cover, as well as the cost of premiums, is coming under scrutiny. A key question is whether or not non-malicious human activity is covered. On one hand, cybersecurity policies that do not cover human error — which would include falling victim to sophisticated phishing schemes, visiting Trojan-infected sites, or even deferring patches…

Aside from the cool sounding name, the Bad Rabbit Ransomware has quickly become a problem across Russia and Eastern Europe. While not as many are being affected as with WannaCry or Petya, it is still causing headaches for hundreds of organizations. Ransomware is a particularly nasty type of cyber-attack that costs far more than the relatively minor payouts demanded. For example, as we have seen with WannaCry, certain organizations are particularly vulnerable to ransomware such as healthcare. Disruption of patient care, destruction of data and general disorder caused by a ransomware attack is felt particularly hard by targeted healthcare organizations….

Equifax announced today that it was hit by a cyber security incident, potentially impacting 143 million consumers in the U.S. According to the company’s press release, “criminals exploited a U.S. website application vulnerability to gain access to certain files.” The “information accessed primarily includes names, Social Security numbers, birth dates, addresses… [and] credit card numbers.” After news of the breach broke, Equifax’s stock price dropped five percent. This is directly in line with a recent Centrify-commissioned Ponemon study, which found this to be the historic average on Day One. Moreover, Equifax’s stock price dropped 13-14 percent the day after its breach…

When I read the 2017 Verizon data breach report, I couldn’t help but notice that it would be relatively easy to reduce an attack surface by implementing a few best practices. Granted, that might mean you will need to spend some money, but considering that a breach could cost you $15 Million or more, according to Ponemon, and considering that 81% of breaches involve a weak or stolen password, wouldn’t it make sense spending your money where it has the most impact? Organizations need to reduce their attack surface! Now before I share tips provided by Verizon and Centrify on how you…

Ponemon Institute recently conducted a survey, sponsored by Centrify, designed to more deeply understand the current state of cybersecurity. The Impact of Data Breaches on Reputation & Share Value: A Study of U.S. Marketers, IT Practitioners and Consumers examines differing perspectives across a number of security topics. I’d like to focus on IT professionals at this time, as I believe the results are enlightening, to say the least. 43 Percent of IT practitioners said their organization had a data breach involving sensitive customer or business information in the past two years. This tells us that more than one in five organizations…

Centrify teamed up with security researcher Ponemon Institute to survey a large group of IT, information security, senior marketing and communication professionals as well as a healthy number of consumers. A key objective of the study was to get a handle on the financial impact of a cyber security breach on a typical organization. The bottom line (no pun intended) is that, the day the breach makes headlines: Your stock price will drop between an average of 3% to 7% when breach is announced You stand to lose a significant number of your customers You will see a corresponding loss…

The long-awaited negotiations governing the UK’s divorce from the EU officially began on 19 June, marking arguably the most important period in the country’s history since the Second World War. What follows remains to be seen, but given Brexit is now a reality, many UK organisations may be wondering/hoping whether this means they’ll be spared the sweeping new data protection regulation directed from Brussels. As the recent Queen’s Speech has again reminded us, there will be no such reprieve for UK organisations. Brexit means Brexit, and that means firms must accelerate their EU General Data Protection Regulation (GDPR) compliance plans…

Centrify CEO Tom Kemp, an industry expert in security and infrastructure software, discusses market and technology issues around the disruption occurring in the Identity and Access Management market due to the cloud, mobile and consumerization of IT trends occurring in today's IT environment.